1. User data collected
Personal data may be collected in occasions when, but not limited to, the user is: (i) using Power2Media’s mobile apps or visiting Power2Media’s websites, (ii) registering for Services; (iii) accessing Services using a third party ID; (iv) subscribing to newsletters; (v) purchasing a product or services through Power2Media’s online stores or other application stores or within (vi) requesting technical support; and (vii) otherwise through use of Power2Media Services where personal data is required for use and/or participation.
The user data Power2Media processes may include but is not limited to: email addresses, device IDs, user names and passwords.
Power2Media may supplement the user data with data received from third parties, such as employing companies.
2. Location Data
To the extent Power2Media makes location enabled Services available and the user consumes such Services, Power2Media may collect and process the user’s location data to provide location related Services. For example, some corporate services may use the location of the user device. The location data is processed and stored only for the duration that is required for the provision of the location related Services.
Power2Media may use, depending on the service fine geo-location data based on coordinates obtained from a mobile device’s GPS radio, or coarse, network-based geo-location data based on proximity of network towers or the location of WiFi networks.
3. Disclosures and Transfer of Personal Data
Power2Media may use third parties to collect and process personal data on Power2Media’s behalf and in according to Power2Media’s instructions. Power2Media is not liable for the acts and omissions of these third parties, except as provided by mandatory law.
4. Data Retention and Correctness
Please note that some data may be further retained if necessary to resolve disputes, enforce Power2Media user agreements, and comply with technical and legal requirements and constraints related to the security, integrity and operation of Services.
5. Cookies, beacons and tracking
The Services may use “cookies” and other technologies such as pixel tags, local shared objects, hardware-based device identifiers, Operating System-based identifiers, clear GIFs and web beacons. Power2Media treats information collected by cookies and similar technologies as non-personal data.
Cookies: A “cookie” is a small file stored by user’s browser when told to do so by a website. Typically websites place a number of different cookies on an end-user’s machine. Some of the cookies are “1st Party,” from the website itself, and others are “3rd party,” belonging to advertising and analytics entities or social networks. Power2Media’s cookies do not include personal data and are typically used to quickly identify a device and to “remember” the browser settings on that device during subsequent visits for purposes of functionality, preferences, and website performance. The user can disable cookies or set the browser to alert when cookies are being sent to the user’s device; however, disabling cookies may affect user’s ability to use the Services.
Flash cookies & HTML5: Power2Media may also use Flash cookies (local shared objects) and HTML5 local storage. Flash cookies are small files similar to browser cookies, but which are not stored in the browser and can also be used to remember settings or to personalize the look and feel of the Services. The user may prevent Flash cookies from being stored by following the instructions provided by Adobe at http://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html.
Web Beacons and pixel tags: A “web beacon” or a “pixel tag” is an electronic image (often not visible to the end-user) that allows Power2Media to count users who have visited certain pages.
6. Third Party Terms and Conditions
7. Safeguards and Data Security
Power2Media follows generally accepted industry standards and maintains reasonable safeguards to attempt to ensure the security, integrity and privacy of the information in Power2Media’s possession.
This Data Security article relates to the minimum procedures applied by Power2Media with regard to confidentiality and security of data, online or otherwise, relating to the confidentiality of the user data.
The laws and regulations, among others in the field of data protection will always be the starting point. When a change in the the legislation occurs, Power2Media seeks to accommodate it in the shorterst time span possible. If a provision in this aritcle no longer complies with the applicable laws and regulations, the respective provision should be interpreted in the spirit of the applicable laws and regulations.
The data is therefore strongly considered confidential information. Confidential information includes all information made available by the user and / or generated by the service, including, but not limited to personal, financial data, authorization codes, etc.
Power2Media agrees that the additional sensitivity of confidential information entails to a higher duty of care regarding the confidentiality and security of such data and its processing.
Power2Media shall in respect of the received user data observe at least the same duties of care and safeguards that apply in respect of its own internal confidential information and what is normal in society and will oblige its employees or (if applicable) engaged third parties to comply with the provisions of this appendix on data security.
Power2Media ensures that management processes for the purpose of managing technical vulnerabilities, incident management, handling of data breaches and security incidents, e-waste management and continuity management are well defined and operational.
The data centers used by Power2Media complies with the following minimum Security Requirements:
a. ISO / IEC 27001 certification
b. ISAE 3402 Type I.
The websites, applications and all underlying systems are protected by a firewall that blocks at least all unused network traffic. The web sites, applications and systems are configured in accordance with known ‘hardening’ directives, such as issued by SANS, NIST, ISO and CIS, including, but not limited to the change from industrial standards, such as default passwords, user accounts and disabling unnecessary services.
The systems and web applications are periodically tested for vulnerabilities such as penetration tests and vulnerability scan programs. Real-time intrusion detection and prevention is available which also controls and blocks attempts of unauthorized access to the data. Confidential information is stored in encrypted format only. Confidential information will be removed in any case after expiry of the statutory retention periods and where necessary provide encryption. Encryption is always used for sending user data over the Internet, for the storage of user data on mobile devices, storage in databases or files and in other situations where confidential information is vulnerable for unauthorized access (eg confidential information that can be accessed through the internet). The storage and handling of passwords is made by using hashing functions.
The user may choose to disclose personal data in the course of contributing user- generated content to the Services.
Any data that the user discloses in any of these forums, blogs, chats or the like will become public information, and there is no expectation of privacy or confidentiality with respect to that data.
9. Further information
Power2Media makes efforts in good faith to enable the user to review, update or correct user’s personal data in Power2Media’s possession.
Power2Media will need sufficient information from the user to establish user’s identity and to verify user’s access request.